diff --git a/Marco.Pms.Services/Helpers/MasterHelper.cs b/Marco.Pms.Services/Helpers/MasterHelper.cs index 115b4b6..0698733 100644 --- a/Marco.Pms.Services/Helpers/MasterHelper.cs +++ b/Marco.Pms.Services/Helpers/MasterHelper.cs @@ -356,41 +356,58 @@ namespace Marco.Pms.Services.Helpers try { - // Step 1: Get tenant and employee info + // Step 1: Validate input + if (id == Guid.Empty || id != updateWorkStatusDto.Id) + { + _logger.LogWarning("Invalid ID provided for update. Route ID: {RouteId}, DTO ID: {DtoId}", id, updateWorkStatusDto.Id); + return ApiResponse.ErrorResponse("Invalid data provided", "The provided work status ID is invalid", 400); + } + + // Step 2: Get tenant and logged-in employee Guid tenantId = _userHelper.GetTenantId(); var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync(); - // Step 2: Check permission to update master + // Step 3: Check permissions var hasManageMasterPermission = await _permissionService.HasPermission(Manage_Master, loggedInEmployee.Id); if (!hasManageMasterPermission) { - _logger.LogWarning("Update denied. EmployeeId: {EmployeeId} does not have Manage Master permission.", loggedInEmployee.Id); - return ApiResponse.ErrorResponse("You don't have access", "Don't have access to take action", 403); + _logger.LogWarning("Access denied. EmployeeId: {EmployeeId} does not have Manage Master permission.", loggedInEmployee.Id); + return ApiResponse.ErrorResponse("Access denied", "You do not have permission to update this work status", 403); } - // Step 3: Retrieve existing work status by id and tenant + // Step 4: Retrieve the work status record var workStatus = await _context.WorkStatusMasters .FirstOrDefaultAsync(ws => ws.Id == id && ws.TenantId == tenantId); if (workStatus == null) { - _logger.LogWarning("Work status not found for Id: {Id}", id); - return ApiResponse.ErrorResponse("Work status not found", "Work status not found", 404); + _logger.LogWarning("Work status not found for ID: {Id}", id); + return ApiResponse.ErrorResponse("Work status not found", "No work status found with the provided ID", 404); } - // Step 4: Update fields + // Step 5: Check for duplicate name (optional) + var isDuplicate = await _context.WorkStatusMasters + .AnyAsync(ws => ws.Name == updateWorkStatusDto.Name && ws.Id != id && ws.TenantId == tenantId); + + if (isDuplicate) + { + _logger.LogWarning("Duplicate work status name '{Name}' detected during update. ID: {Id}", updateWorkStatusDto.Name ?? "", id); + return ApiResponse.ErrorResponse("Work status with the same name already exists", "Duplicate name", 400); + } + + // Step 6: Update fields workStatus.Name = updateWorkStatusDto.Name?.Trim() ?? ""; workStatus.Description = updateWorkStatusDto.Description?.Trim() ?? ""; await _context.SaveChangesAsync(); - _logger.LogInfo("Work status updated successfully. Id: {Id}", workStatus.Id); + _logger.LogInfo("Work status updated successfully. ID: {Id}", id); return ApiResponse.SuccessResponse(workStatus, "Work status updated successfully", 200); } catch (Exception ex) { - _logger.LogError("Error occurred while updating work status Id: {Id} : {Error}", id, ex.Message); - return ApiResponse.ErrorResponse("An error occurred", "Unable to update work status", 500); + _logger.LogError("Error occurred while updating work status ID: {Id} : {Error}", id, ex.Message); + return ApiResponse.ErrorResponse("An error occurred", "Unable to update the work status at this time", 500); } } public async Task> DeleteWorkStatus(Guid id)